OESA-2026-1908
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-1908
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2026-1908.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2026-1908
- Upstream
- Published
- 2026-04-17T12:59:26Z
- Modified
- 2026-04-17T13:19:38.730542Z
- Summary
- sudo security update
- Details
-
Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done.
Security Fix(es):
In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.(CVE-2026-35535)
- Database specific
{ "severity": "High" }- References
Affected packages
openEuler:24.03-LTS-SP3 / sudo
Package
- Name
- sudo
- Purl
- pkg:rpm/openEuler/sudo&distro=openEuler-24.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.9.15p5-6.oe2403sp3
Ecosystem specific
{
"aarch64": [
"sudo-1.9.15p5-6.oe2403sp3.aarch64.rpm",
"sudo-debuginfo-1.9.15p5-6.oe2403sp3.aarch64.rpm",
"sudo-debugsource-1.9.15p5-6.oe2403sp3.aarch64.rpm",
"sudo-devel-1.9.15p5-6.oe2403sp3.aarch64.rpm"
],
"src": [
"sudo-1.9.15p5-6.oe2403sp3.src.rpm"
],
"noarch": [
"sudo-help-1.9.15p5-6.oe2403sp3.noarch.rpm"
],
"x86_64": [
"sudo-1.9.15p5-6.oe2403sp3.x86_64.rpm",
"sudo-debuginfo-1.9.15p5-6.oe2403sp3.x86_64.rpm",
"sudo-debugsource-1.9.15p5-6.oe2403sp3.x86_64.rpm",
"sudo-devel-1.9.15p5-6.oe2403sp3.x86_64.rpm"
]
}